[DISCUSS] no longer ignore dependabot
Devs, We've been ignoring dependabot a lot as it's PR never passed tests. https://github.com/apache/cloudstack/pull/11028 now has passed all GHA so I suggest we start ignoring the bot less from now on. Not that I had to rebase the PR to make it work, so this might take some effort from our part. Another thing to take into consideration is that it tends to propose changes to ui/package-lock.json thoughts? -- Daan
Re: [DISCUSS] no longer ignore dependabot
:D, how to say no without saying no. On Tue, Jun 17, 2025 at 12:59 PM Rohit Yadav wrote: > > Any changes to package-lock.json should ideally requires a full UI manual QA, > so ideally best avoided unless the manual QA of most/all UI features can be > done. > > QA full test plan: > https://github.com/apache/cloudstack-primate/blob/master/.github/ISSUE_TEMPLATE/test_full_plan.md > > > Regards. > > > > > > From: Daan Hoogland > Sent: Tuesday, June 17, 2025 16:01 > To: dev > Subject: [DISCUSS] no longer ignore dependabot > > Devs, > > We've been ignoring dependabot a lot as it's PR never passed tests. > https://github.com/apache/cloudstack/pull/11028 now has passed all GHA > so I suggest we start ignoring the bot less from now on. Not that I > had to rebase the PR to make it work, so this might take some effort > from our part. > > Another thing to take into consideration is that it tends to propose > changes to ui/package-lock.json > > thoughts? > > -- > Daan -- Daan
Re: [DISCUSS] no longer ignore dependabot
Any changes to package-lock.json should ideally requires a full UI manual QA, so ideally best avoided unless the manual QA of most/all UI features can be done. QA full test plan: https://github.com/apache/cloudstack-primate/blob/master/.github/ISSUE_TEMPLATE/test_full_plan.md Regards. From: Daan Hoogland Sent: Tuesday, June 17, 2025 16:01 To: dev Subject: [DISCUSS] no longer ignore dependabot Devs, We've been ignoring dependabot a lot as it's PR never passed tests. https://github.com/apache/cloudstack/pull/11028 now has passed all GHA so I suggest we start ignoring the bot less from now on. Not that I had to rebase the PR to make it work, so this might take some effort from our part. Another thing to take into consideration is that it tends to propose changes to ui/package-lock.json thoughts? -- Daan
